We support our Publishers and Content Creators. You can view this story on their website by CLICKING HERE.

The firm has not revealed the number of impacted customers.

American car rental firm Avis revealed it recently suffered a data breach, with the attackers gaining access to personal data belonging to customers.

“We discovered on August 5, 2024, that an unauthorized third party gained access to one of our business applications,” said a Sept. 4 data breach notification sent to customers. Avis “determined on August 14, 2024, that your personal information was obtained by the unauthorized third party,” including name and other details.

The firm did not reveal how many people nationwide were affected by the breach.

In a filing with the South Carolina Department of Consumer Affairs, the company said that 3,708 residents from that state were impacted.

“After becoming aware of the incident, we immediately took steps to end the unauthorized access, began an investigation with assistance from cybersecurity experts, and alerted the relevant authorities,” Avis said.

Avis asked customers to “remain vigilant against threats of identity theft or fraud. You can do this by regularly reviewing and monitoring your account statements and credit history for any signs of unauthorized transactions or activity. You can contact the credit reporting agencies if you suspect any unauthorized activity.”

The company is offering affected individuals free credit monitoring services from Equifax for one year. The service provides identity detection and helps to resolve identity theft issues, it said. Affected customers are required to sign up by Dec. 31.

The company said it is working with cybersecurity experts to boost security protections for the business application impacted by the hack.

Additional safeguards have been implemented into the firm’s system, with Avis “actively reviewing” its security monitoring and controls.

The Epoch Times reached out to Avis for comment.

Avis’ data breach follows a major cyberattack that disrupted the car industry in June. CDK Global, a software firm serving more than 15,000 car dealerships in the United States, was the target in this incident.
The company’s software is used to manage sales, inventory, customer support, and other aspects of dealership operations. The outage negatively affected the operations of car dealerships on a large scale.

State of Car Security

According to the 2024 Global Automotive Cybersecurity Report by network security firm Upstream, 50 percent of all cyber incidents in the auto sector last year had “high or massive impact.” Ninety-five percent of the attacks were found to have been executed remotely.

Over past years, cybersecurity risks in the industry have grown from experimental hacks to large-scale attacks, with the number and scale of cyber incidents rising “significantly” to the extent that it threatens the safety of the vehicle and the passengers, Upstream noted.

“The number of high and massive-scale incidents more than doubled between 2022 and 2023, the report said.

“High and massive-scale attacks can potentially impact up to millions of mobility assets (e.g. vehicles, charging stations, companion apps, backend systems),” it said.

Upstream called electric vehicle (EV) charging a “growing threat frontier,” with charging stations becoming a “battleground for attacks.”

At present, EVs make up around 15 percent of new car sales globally. By 2040, EVs are expected to gain the “majority of market share,” Upstream said.

In an emailed statement to The Epoch Times last year, Elias Bou-Harb, who directs the Cyber Center for Security and Analytics at the University of Texas, San Antonio, said that the center’s researchers “continue to see escalated attacks on such infrastructure, including remote and physical attacks.”

“Cyber-attacks on charging stations can be prevented to a large extent through proper security measures and protocols. While it’s challenging to achieve 100 percent prevention, proactive steps can significantly reduce the risk of attacks,” he said.

A report by software firm Synopsys found that software security was failing to maintain pace with technology in the auto sector. It called software in the automotive supply chain “a major risk.”

Masooma Haq contributed to the report.